Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/89460c-132f-4c91-bd81-cfc0fcba83a2/1/JQVlI8R0EmGnQY058OBII58_SZw.roa
File: JQVlI8R0EmGnQY058OBII58_SZw.roa (raw, json)
Hash identifier: cTHLzoXypC8wyz2SUtxYFBrm1YwSBWBwaS3KjTbOAP8=
Subject key identifier: 25:05:65:23:C4:74:12:61:A7:41:8D:39:F0:E0:48:23:9F:3F:49:9C
Certificate issuer: /CN=4f4fe81f3231268f7ce3c314a496a82cc2277c3b
Certificate serial: 01856D017875EDE148A718971DFFC76DD151
Authority key identifier: 4F:4F:E8:1F:32:31:26:8F:7C:E3:C3:14:A4:96:A8:2C:C2:27:7C:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T0_oHzIxJo9848MUpJaoLMInfDs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/89460c-132f-4c91-bd81-cfc0fcba83a2/1/JQVlI8R0EmGnQY058OBII58_SZw.roa
Signing time: Sun 01 Jan 2023 11:04:50 +0000
ROA not before: Sun 01 Jan 2023 11:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213004
IP address blocks: 185.216.64.0/22 maxlen: 22
185.216.64.0/24 maxlen: 24
185.216.65.0/24 maxlen: 24
185.216.66.0/24 maxlen: 24
185.216.67.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:78:75:ed:e1:48:a7:18:97:1d:ff:c7:6d:d1:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f4fe81f3231268f7ce3c314a496a82cc2277c3b
Validity
Not Before: Jan 1 11:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25056523c4741261a7418d39f0e048239f3f499c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:2f:8c:84:fc:39:73:1c:d1:b9:03:eb:4b:af:
9d:f9:54:5e:b2:30:6b:06:3b:61:35:ac:1e:7d:bc:
0f:73:15:cd:7c:fd:e2:25:83:80:f9:26:ff:bd:b6:
f2:f1:09:ae:ee:1e:e5:4e:12:06:96:a8:be:a5:d7:
40:0b:a8:8f:23:49:fa:ff:b1:a6:01:ea:f6:d9:2f:
67:b5:6d:5a:ef:ed:c8:58:2b:c3:b1:46:7d:fb:e6:
d0:bd:ee:7f:46:85:cc:0f:24:26:67:92:ef:8a:11:
27:58:ed:16:83:08:e8:7c:97:2d:f0:c6:65:1a:ef:
07:2b:a8:8c:7c:37:94:82:b3:2b:f4:b4:c4:5f:46:
21:b0:cc:95:34:02:fd:fe:ef:f9:33:55:5d:0e:a7:
52:76:f7:3d:ee:de:5d:94:d5:55:ea:db:38:35:d0:
47:87:20:1d:39:79:ef:18:cb:ac:f2:6a:c8:20:31:
fe:cf:18:2b:eb:7a:d0:a7:a4:0d:cf:06:55:ee:19:
92:aa:91:91:93:1a:70:e1:5f:5b:c3:3b:bf:6d:b2:
1e:8c:b7:99:eb:fe:ec:43:0b:59:fa:9c:9f:63:f5:
c3:a8:23:eb:c9:f1:25:d8:dd:62:31:5f:5b:a6:f4:
b0:53:54:99:ec:23:69:2d:67:26:bd:42:f7:ab:0c:
5d:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:05:65:23:C4:74:12:61:A7:41:8D:39:F0:E0:48:23:9F:3F:49:9C
X509v3 Authority Key Identifier:
keyid:4F:4F:E8:1F:32:31:26:8F:7C:E3:C3:14:A4:96:A8:2C:C2:27:7C:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T0_oHzIxJo9848MUpJaoLMInfDs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/89460c-132f-4c91-bd81-cfc0fcba83a2/1/JQVlI8R0EmGnQY058OBII58_SZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/89460c-132f-4c91-bd81-cfc0fcba83a2/1/T0_oHzIxJo9848MUpJaoLMInfDs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.64.0/22
Signature Algorithm: sha256WithRSAEncryption
cd:8d:54:44:b8:9a:fd:19:b5:75:6f:7b:99:60:b6:6a:d1:51:
49:5d:48:dc:b0:a7:0b:d2:f1:06:b3:dd:a5:1d:b9:2c:fc:ad:
04:84:aa:a8:d0:4f:25:c4:44:1a:eb:de:53:05:46:25:5d:36:
85:18:17:25:aa:35:77:42:45:38:3b:1c:b9:1e:f9:15:81:4d:
db:00:3b:d8:be:04:2c:9b:39:f2:ef:1c:15:2d:65:bf:37:ec:
50:ad:1c:9f:d7:c3:28:22:01:84:0c:73:99:09:b7:0a:e0:f9:
94:76:25:af:f9:5d:ab:00:52:a4:3f:5f:1a:cb:b6:3e:e5:77:
fe:36:33:e5:95:d7:f6:ac:1c:ae:d9:58:20:e2:9e:3a:9d:cf:
ad:3f:b5:24:77:2e:28:4b:1d:a9:e7:a2:e9:c4:17:04:7b:62:
d2:e2:05:83:3b:e8:06:4a:a8:63:76:51:53:e7:7b:5c:80:42:
26:66:84:7a:33:c2:f0:76:7e:78:1e:a8:2d:86:1c:84:d3:a2:
52:fb:98:a6:02:b5:8a:03:8f:a7:d5:9a:79:0a:ce:3c:54:63:
8e:46:12:00:c0:38:f3:79:a2:8f:88:d7:f9:70:34:bb:40:97:
f2:f5:7f:bb:11:03:5d:6b:97:d6:6c:6b:c0:27:84:9d:40:79:
3e:2a:f4:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtAXh17eFIpxiXHf/HbdFRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmNGZlODFmMzIzMTI2OGY3Y2UzYzMxNGE0OTZhODJjYzIy
NzdjM2IwHhcNMjMwMTAxMTEwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTA1NjUyM2M0NzQxMjYxYTc0MThkMzlmMGUwNDgyMzlmM2Y0OTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAni+MhPw5cxzRuQPrS6+d+VResjBr
BjthNawefbwPcxXNfP3iJYOA+Sb/vbby8Qmu7h7lThIGlqi+pddAC6iPI0n6/7Gm
Aer22S9ntW1a7+3IWCvDsUZ9++bQve5/RoXMDyQmZ5LvihEnWO0WgwjofJct8MZl
Gu8HK6iMfDeUgrMr9LTEX0YhsMyVNAL9/u/5M1VdDqdSdvc97t5dlNVV6ts4NdBH
hyAdOXnvGMus8mrIIDH+zxgr63rQp6QNzwZV7hmSqpGRkxpw4V9bwzu/bbIejLeZ
6/7sQwtZ+pyfY/XDqCPryfEl2N1iMV9bpvSwU1SZ7CNpLWcmvUL3qwxdPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCUFZSPEdBJhp0GNOfDgSCOfP0mcMB8GA1UdIwQY
MBaAFE9P6B8yMSaPfOPDFKSWqCzCJ3w7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDBfb0h6SXhKbzk4NDhNVXBKYW9MTUluZkRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC84OTQ2MGMtMTMyZi00YzkxLWJkODEt
Y2ZjMGZjYmE4M2EyLzEvSlFWbEk4UjBFbUduUVkwNThPQklJNThfU1p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC84OTQ2MGMtMTMyZi00YzkxLWJkODEtY2ZjMGZjYmE4M2Ey
LzEvVDBfb0h6SXhKbzk4NDhNVXBKYW9MTUluZkRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudhAMA0G
CSqGSIb3DQEBCwUAA4IBAQDNjVREuJr9GbV1b3uZYLZq0VFJXUjcsKcL0vEGs92l
Hbks/K0EhKqo0E8lxEQa695TBUYlXTaFGBclqjV3QkU4Oxy5HvkVgU3bADvYvgQs
mzny7xwVLWW/N+xQrRyf18MoIgGEDHOZCbcK4PmUdiWv+V2rAFKkP18ay7Y+5Xf+
NjPlldf2rByu2Vgg4p46nc+tP7Ukdy4oSx2p56LpxBcEe2LS4gWDO+gGSqhjdlFT
53tcgEImZoR6M8Lwdn54HqgthhyE06JS+5imArWKA4+n1Zp5Cs48VGOORhIAwDjz
eaKPiNf5cDS7QJfy9X+7EQNda5fWbGvAJ4SdQHk+KvR+
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:18:22 2024 by rpki-client on console.sobornost.net